Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/PmO_uOpAaee8Q6P9O2qRKkVaABc.roa
File: PmO_uOpAaee8Q6P9O2qRKkVaABc.roa (raw, json)
Hash identifier: eQTpX81RRqb/yNLkIUCvbrgN3q9lYBnbavWv4fly0nU=
Subject key identifier: 3E:63:BF:B8:EA:40:69:E7:BC:43:A3:FD:3B:6A:91:2A:45:5A:00:17
Certificate issuer: /CN=63f14f8e144c6d50c38ab4faff5ac6e547fe1d47
Certificate serial: 018CC727627428134F945CAC0EB97957376C
Authority key identifier: 63:F1:4F:8E:14:4C:6D:50:C3:8A:B4:FA:FF:5A:C6:E5:47:FE:1D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/PmO_uOpAaee8Q6P9O2qRKkVaABc.roa
Signing time: Mon 01 Jan 2024 22:31:36 +0000
ROA not before: Mon 01 Jan 2024 22:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43926
IP address blocks: 46.253.36.0/24 maxlen: 24
46.253.35.0/24 maxlen: 24
46.253.37.0/24 maxlen: 24
46.253.32.0/24 maxlen: 24
46.253.38.0/24 maxlen: 24
46.253.34.0/24 maxlen: 24
46.253.33.0/24 maxlen: 24
46.253.39.0/24 maxlen: 24
185.58.172.0/24 maxlen: 24
185.58.173.0/24 maxlen: 24
185.58.174.0/24 maxlen: 24
185.58.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:62:74:28:13:4f:94:5c:ac:0e:b9:79:57:37:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63f14f8e144c6d50c38ab4faff5ac6e547fe1d47
Validity
Not Before: Jan 1 22:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e63bfb8ea4069e7bc43a3fd3b6a912a455a0017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d2:10:27:18:84:61:fb:df:2b:34:e3:38:ef:
f8:ca:65:10:2a:88:8f:d3:cc:62:c3:35:04:da:2e:
90:89:1a:4d:49:7f:1f:ba:ec:9d:c2:83:a1:f9:53:
fe:ba:c5:d9:1c:73:be:c3:19:79:13:9b:92:50:3f:
b1:bb:0a:c2:02:42:b1:aa:3a:d7:1a:fe:dd:ed:08:
16:40:a0:62:89:8b:76:7e:82:c8:8a:8c:8b:67:60:
33:64:34:de:a1:1c:41:57:5f:fd:b3:9c:7f:78:7c:
a7:67:ba:28:d7:7a:ff:9d:6e:18:0a:2e:20:5c:33:
cb:03:68:30:2a:be:47:aa:21:b1:42:19:4f:62:10:
db:e8:13:77:54:57:7f:69:bf:96:d5:42:94:d9:af:
e8:d2:08:93:b1:12:b6:93:8e:d4:74:ce:ed:84:97:
9e:97:16:ff:46:e2:df:5f:f6:2d:b6:42:62:ef:15:
b0:f9:9f:30:18:aa:74:26:52:cd:94:56:83:a6:ff:
56:97:63:84:b0:18:06:36:4c:70:ac:6a:a9:be:e8:
c1:be:53:fa:30:05:d8:3f:50:ea:cc:0c:34:af:48:
fc:2a:99:a0:5e:16:db:e7:16:35:91:57:6f:70:2c:
aa:c6:ca:94:e0:1e:25:35:2e:ce:be:40:ed:70:f3:
28:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:63:BF:B8:EA:40:69:E7:BC:43:A3:FD:3B:6A:91:2A:45:5A:00:17
X509v3 Authority Key Identifier:
keyid:63:F1:4F:8E:14:4C:6D:50:C3:8A:B4:FA:FF:5A:C6:E5:47:FE:1D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/PmO_uOpAaee8Q6P9O2qRKkVaABc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.32.0/21
185.58.172.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:41:da:4e:a8:9b:3c:cd:f8:3d:9d:bb:74:38:dd:9b:92:54:
7f:ad:78:5e:a1:3a:4d:8f:8f:1b:3d:a4:d6:0d:ff:2e:67:d8:
51:8a:a5:ba:a7:de:32:1d:6e:a5:1c:bc:89:f8:a9:67:18:49:
25:49:c8:f1:f4:8f:f9:41:2a:af:bd:57:6e:64:d7:1c:53:fa:
ce:0b:c9:49:8d:92:5a:b9:7b:f7:de:cf:1b:5c:a7:58:76:00:
66:b1:07:df:16:8a:8b:a6:81:f5:4f:43:89:15:ef:3e:e7:a6:
4b:3a:1e:cd:fa:96:67:61:c4:f6:6c:70:b3:f8:f1:a6:fb:20:
85:e8:12:4e:67:83:e8:42:06:1b:9a:cd:b7:25:f1:8e:ff:cb:
ff:47:9b:3d:80:1d:e5:f2:bd:b5:cc:fe:64:0c:55:d6:59:e0:
84:67:fa:58:0e:15:9f:89:a6:c3:0d:66:7e:03:9e:45:63:b5:
df:3b:de:96:d3:9a:d0:bf:78:aa:0b:9e:55:84:0d:57:0c:bd:
79:08:b2:f1:56:a2:9f:1f:51:ce:1f:2d:6c:f1:f2:3c:8b:c0:
b6:5d:6d:01:69:4c:be:f2:99:58:e0:7c:8f:98:7e:7c:10:4e:
18:66:16:97:59:44:c7:c9:4a:6b:77:b4:dd:c4:b7:35:6d:92:
10:a7:7e:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJ2J0KBNPlFysDrl5VzdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZjE0ZjhlMTQ0YzZkNTBjMzhhYjRmYWZmNWFjNmU1NDdm
ZTFkNDcwHhcNMjQwMTAxMjIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTYzYmZiOGVhNDA2OWU3YmM0M2EzZmQzYjZhOTEyYTQ1NWEwMDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNIQJxiEYfvfKzTjOO/4ymUQKoiP
08xiwzUE2i6QiRpNSX8fuuydwoOh+VP+usXZHHO+wxl5E5uSUD+xuwrCAkKxqjrX
Gv7d7QgWQKBiiYt2foLIioyLZ2AzZDTeoRxBV1/9s5x/eHynZ7oo13r/nW4YCi4g
XDPLA2gwKr5HqiGxQhlPYhDb6BN3VFd/ab+W1UKU2a/o0giTsRK2k47UdM7thJee
lxb/RuLfX/YttkJi7xWw+Z8wGKp0JlLNlFaDpv9Wl2OEsBgGNkxwrGqpvujBvlP6
MAXYP1DqzAw0r0j8KpmgXhbb5xY1kVdvcCyqxsqU4B4lNS7OvkDtcPMoRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD5jv7jqQGnnvEOj/TtqkSpFWgAXMB8GA1UdIwQY
MBaAFGPxT44UTG1Qw4q0+v9axuVH/h1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9GUGpoUk1iVkREaXJUNl8xckc1VWYtSFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83YjBhYWUtOWQyNy00OTUxLWJhYjct
ZGEzOTQzODRlOTI1LzEvUG1PX3VPcEFhZWU4UTZQOU8ycVJLa1ZhQUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83YjBhYWUtOWQyNy00OTUxLWJhYjctZGEzOTQzODRlOTI1
LzEvWV9GUGpoUk1iVkREaXJUNl8xckc1VWYtSFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLv0gAwQC
uTqsMA0GCSqGSIb3DQEBCwUAA4IBAQCxQdpOqJs8zfg9nbt0ON2bklR/rXheoTpN
j48bPaTWDf8uZ9hRiqW6p94yHW6lHLyJ+KlnGEklScjx9I/5QSqvvVduZNccU/rO
C8lJjZJauXv33s8bXKdYdgBmsQffFoqLpoH1T0OJFe8+56ZLOh7N+pZnYcT2bHCz
+PGm+yCF6BJOZ4PoQgYbms23JfGO/8v/R5s9gB3l8r21zP5kDFXWWeCEZ/pYDhWf
iabDDWZ+A55FY7XfO96W05rQv3iqC55VhA1XDL15CLLxVqKfH1HOHy1s8fI8i8C2
XW0BaUy+8plY4HyPmH58EE4YZhaXWUTHyUprd7TdxLc1bZIQp36y
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:26:56 2024 by rpki-client on console-fra.rpki-client.org